Registered User
Join Date: Nov 2009
Posts: 1
OS: Windows XP Home Edition
Need advice after running ComboFix
Windows XP Home Edition
AVG Antivirus
Computer running slow
No printer access
Ran ComboFix
After ComboFix was completed I did not reboot but here is the following text generated by ComboFix:

ComboFix 09-11-03.01 - Dave 11/03/2009 19:21.1.1 - NTFSx86
Running from: c:\documents and settings\Dave\Desktop\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FunWebProducts
c:\program files\FunWebProducts\ScreenSaver\Images\00195AC8.urr
c:\program files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
c:\program files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
c:\program files\INSTALL.LOG
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\1.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Cache\0020EFD2
c:\program files\MyWebSearch\bar\Cache\0020FED6
c:\program files\MyWebSearch\bar\Cache\0021122F.bin
c:\program files\MyWebSearch\bar\Cache\002117FC.bin
c:\program files\MyWebSearch\bar\Cache\00211ED2.bin
c:\program files\MyWebSearch\bar\Cache\002125E6.bin
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\History\search3
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Notifier\SURFER.F3S
c:\program files\MyWebSearch\bar\Settings\prevcfg2.htm
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\program files\videosoft
c:\program files\videosoft\SHARED FILES\VSPRINT7.OCX
c:\windows\winhelp.ini
.
((((((((((((((((((((((((( Files Created from 2009-10-04 to 2009-11-04 )))))))))))))))))))))))))))))))
.
2009-10-11 17:54 . 2009-10-11 17:54 -------- d-----w- c:\program files\File Shredder
2009-10-06 00:31 . 2009-10-07 04:13 -------- d-----w- c:\documents and settings\Dave\Application Data\Any Video Converter
2009-10-06 00:31 . 2009-10-06 00:32 -------- d-----w- c:\program files\Any Video Converter
2009-10-05 23:55 . 2009-10-06 00:05 -------- d-----w- c:\documents and settings\Dave\Application Data\GetRightToGo
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-11-04 01:31 . 2008-09-08 23:14 -------- d-----w- c:\documents and settings\Dave\Application Data\DNA
2009-11-04 01:00 . 2009-10-04 17:38 -------- d-----w- c:\documents and settings\Dave\Application Data\Orbit
2009-11-04 00:51 . 2008-09-08 23:14 -------- d-----w- c:\program files\DNA
2009-11-03 00:16 . 2009-10-04 17:38 -------- d-----w- c:\program files\Orbitdownloader
2009-11-02 23:23 . 2006-05-21 14:08 -------- d-----w- c:\program files\Password Tracker
2009-11-02 00:14 . 2006-05-20 18:58 -------- d-----w- c:\program files\Thumbs32
2009-10-21 22:19 . 2007-03-26 23:30 848 --sha-w- c:\windows\system32\KGyGaAvL.sys
2009-10-06 00:32 . 2006-05-16 21:18 63440 ----a-w- c:\documents and settings\Dave\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-10-04 22:34 . 2009-10-04 22:33 -------- d-----w- c:\program files\Any Flv Player
2009-10-04 22:33 . 2009-10-04 22:33 -------- d-----w- c:\documents and settings\Dave\Application Data\Video Converter for Any Flv Player
2009-10-04 17:38 . 2009-10-04 17:38 -------- d-----w- c:\documents and settings\Dave\Application Data\GrabPro
2009-09-29 23:24 . 2009-09-29 23:23 -------- d-----w- c:\documents and settings\Dave\Application Data\HpUpdate
2009-09-29 23:23 . 2006-05-17 00:12 -------- d-----w- c:\program files\HP
2009-09-11 14:18 . 2001-08-18 03:36 136192 ----a-w- c:\windows\system32\msv1_0.dll
2009-09-04 21:03 . 2001-08-18 03:36 58880 ----a-w- c:\windows\system32\msasn1.dll
2009-08-29 08:08 . 2004-01-08 20:23 916480 ----a-w- c:\windows\system32\wininet.dll
2009-08-26 08:00 . 2001-08-18 03:36 247326 ------w- c:\windows\system32\strmdll.dll
2009-08-22 15:59 . 2009-03-30 23:41 11952 ----a-w- c:\windows\system32\avgrsstx.dll
2009-08-22 15:59 . 2009-03-30 23:40 335240 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2009-08-22 15:59 . 2009-03-30 23:40 27784 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2009-08-20 20:09 . 2009-08-20 20:09 1193832 ----a-w- c:\windows\system32\FM20.DLL
2009-08-07 00:24 . 2006-05-16 20:28 327896 ----a-w- c:\windows\system32\wucltui.dll
2009-08-07 00:24 . 2005-05-26 09:19 209632 ----a-w- c:\windows\system32\wuweb.dll
2009-08-07 00:24 . 2006-05-16 20:28 44768 ----a-w- c:\windows\system32\wups2.dll
2009-08-07 00:24 . 2006-05-16 20:28 35552 ----a-w- c:\windows\system32\wups.dll
2009-08-07 00:24 . 2001-08-18 03:37 53472 ----a-w- c:\windows\system32\wuauclt.exe
2009-08-07 00:24 . 2001-08-18 03:36 96480 ----a-w- c:\windows\system32\cdm.dll
2009-08-07 00:23 . 2006-05-16 20:28 575704 ----a-w- c:\windows\system32\wuapi.dll
2009-08-07 00:23 . 2006-09-15 21:31 274288 ----a-w- c:\windows\system32\mucltui.dll
2009-08-07 00:23 . 2005-05-26 09:19 215920 ----a-w- c:\windows\system32\muweb.dll
2009-08-07 00:23 . 2001-08-18 03:36 1929952 ----a-w- c:\windows\system32\wuaueng.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 21:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll" [2009-06-14 1004800]

[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2008-12-18 342848]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2006-09-13 139264]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-02-20 39408]
"Multi Reminders"="c:\program files\Multi Reminders\reminder.exe" [2009-02-22 228864]
"googletalk"="c:\program files\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ChkAdmin"="c:\progra~1\Compaq\COMPAQ~1\CHKADMIN.EXE" [2001-12-03 81920]
"RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2003-11-01 32768]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-06-15 6803456]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2005-06-15 86016]
"StrgSync.exe"="c:\program files\StorageSync\StrgSync.exe" [2004-07-19 3018752]
"HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2001-11-07 196608]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"SmartDefrag"="c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [2007-07-28 3647656]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-12-11 286720]
"CookieWall"="c:\program files\AnalogX\CookieWall\cookie.exe" [2006-05-20 97796]
"StartupDelayer"="c:\program files\r2 Studios\Startup Delayer\Startup Launcher.exe" [2007-12-14 26112]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 155648]
"InCD"="c:\program files\Nero\Nero 7\InCD\InCD.exe" [2006-07-25 1043968]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-11-02 2028312]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
"mumservice"="c:\program files\Motorola\Software Update\mumservice.exe" [2009-03-25 996608]
"cpqek"="c:\program files\Compaq\Compaq EAB Software\cpqek.exe" [2001-05-17 65536]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-12-08 54576]
"HP Component Manager"="c:\program files\HP\hpcoretech\hpcmpmgr.exe" [2005-01-12 241664]
"Promon.exe"="Promon.exe" - c:\windows\system32\PROMon.exe [2001-08-09 61440]
"Logitech Utility"="Logi_MwX.Exe" - c:\windows\LOGI_MWX.EXE [2003-11-07 19968]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2005-06-15 1519616]

c:\documents and settings\Dave\Start Menu\Programs\Startup\
Super Finder.lnk - c:\program files\SuperFinder\SuperFinder.exe [2008-12-28 800256]
Traydesk.lnk - c:\program files\Tray Desk\traydesk.exe [2000-2-1 10752]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
AWC.lnk - c:\program files\AWC\AWC.exe [2008-12-28 1261568]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogoff"= 01000000
"NoSMMyDocs"= 01000000
"NoSMMyPictures"= 01000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-08-22 15:59 11952 ----a-w- c:\windows\system32\avgrsstx.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"c:\\Program Files\\DNA\\btdna.exe"=
"c:\\Program Files\\K1RFD\\EchoLink\\EchoLink.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
"c:\\Program Files\\Motorola\\Software Update\\msu.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitdm.exe"=
"c:\\Program Files\\Orbitdownloader\\orbitnet.exe"=

R1 RCKLPT;RCKLPT; [x]
R2 ousbehci;%OWC_USBEHCD.DeviceDesc%;c:\windows\system32\Drivers\ousbehci.sys [2002-12-24 39040]
R3 CPQSETUP.SYS;Compaq Installation Driver;c:\docume~1\DAVE\LOCALS~1\TEMP\_ISTMP2.DIR\_ISTMP0.DIR\CPQSETUP.SYS [x]
R3 MotDev;Motorola Inc. USB Device;c:\windows\system32\DRIVERS\motodrv.sys [2007-10-10 42112]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;c:\windows\system32\DRIVERS\ousb2hub.sys [2002-12-24 54016]
R4 LCRMS;Insight Manager LC Remote Management;c:\program files\Compaq\LCRMS\LCRMS.EXE [2000-05-23 376881]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\Drivers\avgldx86.sys [2009-08-22 335240]
S1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\Drivers\avgtdix.sys [2009-05-05 108552]
S1 ClntMgmt;Compaq Client Management Driver;c:\windows\system32\Drivers\ClntMgmt.sys [2001-11-29 53926]
S2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-08-22 908056]
S2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-08-22 297752]
S2 CpqDfwWebAgent;Compaq Remote Diagnostics Enabling Agent;c:\windows\Cpqdiag\Cpqdfwag.exe [2001-11-19 212992]
S2 cpqWebDmi;Compaq DMI Web Agent;c:\progra~1\Compaq\COMPAQ~1\CPQWEB~1\WebDmi.exe [2001-12-03 24576]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - MBR
*NewlyCreated* - PROCEXP113
*Deregistered* - mbr
*Deregistered* - PROCEXP113
.
Contents of the 'Scheduled Tasks' folder

2009-10-31 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-12-06 20:57]

2009-11-03 c:\windows\Tasks\WebReg 20080421181837.job
- c:\program files\HP\Digital Imaging\bin\hpqwrg.exe [2003-07-07 06:43]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = localhost
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Download by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/204
IE: &ieSpell Options - c:\program files\ieSpell\iespell.dll/SPELLOPTION.HTM
IE: Check &Spelling - c:\program files\ieSpell\iespell.dll/SPELLCHECK.HTM
IE: Do&wnload selected by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\Orbitdownloader\orbitmxt.dll/202
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
TCP: {079E6D7C-3086-44BB-9BF2-CC2B9074F549} = 24.116.2.50,24.116.2.34
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-SPSTEALT - c:\program files\Free History Eraser\HistoryEraser.exe
HKCU-Run-updateMgr - c:\program files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
HKCU-Run-Software Informer - c:\program files\Software Informer\softinfo.exe
HKLM-Run-DXDllRegExe - dxdllreg.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-11-03 19:37
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2009-11-04 19:40
ComboFix-quarantined-files.txt 2009-11-04 01:40

Pre-Run: 57,134,620,672 bytes free
Post-Run: 60,632,289,280 bytes free

WindowsXP-KB310994-SP2-Home-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /fastdetect /noguiboot /NoExecute=OptIn

Double clicking on Windows Firewall gives message "Windows Firewall setting cannot be displayed... Do you want to start the windows... ICS service?" I click yes and message comes up: "Windows cannot start.... ICS Service"

I am going to reboot now.